RE: netbios filters

From: Brian Hescock (bhescock@xxxxxxxxx)
Date: Thu Feb 01 2001 - 19:56:03 GMT-3

• Next message: Jay Hennigan: "Re: How much time u get to pass the lab before your written examexpires"
• Previous message: Mike S. Lee: "RE: Non-transient AS's in BGP"
• Maybe in reply to: Brian Hescock: "netbios filters"
• Next in thread: Dave Martin: "Re: netbios filters"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
But that would filter all netbios, correct, not just one specific entry
that I want to keep out of the reachability table? Again, it might not be
possible, I'm just trying to think of wacked out scenarios they
like. Because if they were to ask "filter out netbios name 'filterme'
but allow all others", I would assume that would mean you shouldn't see it
in the reachability table either, even if the connection wouldn't form
because of a filter on the name query (using the filter on the remote-peer
command).

B.

On Thu, 1 Feb 2001, Earl Aboytes wrote:

> You can only use the netbios filter command on Token ring interfaces. If
> you want to filter netbios in an Ethernet environment, you will need to use
> LSAP filters.
> Earl Aboytes, CCIE 6097
>
> -----Original Message-----
> From: Brian Hescock [mailto:bhescock@cisco.com]
> Sent: Thursday, February 01, 2001 2:30 PM
> To: Bernard Dunn
> Cc: ccielab@groupstudy.com
> Subject: Re: netbios filters
>
> Can't use it on anything other than token ring interfaces (IOS gives you
> an error message that says that).
>
> On Fri, 2 Feb 2001, Bernard Dunn wrote:
>
> > Brian,
> >
> > You should be able to use :
> >
> > (global)
> > netbios access-list <label>
> >
> > (On the interface)
> > netbios input-access-filter host
> > netbios output-access-filter host
> >
> > Hope this helps.
> >
> > Bernard.
> >
> > On Thu, 1 Feb 2001, Brian Hescock wrote:
> >
> > > ok, this is probably a stupid question but I can seem to find it
> > > anywhere, perhaps it isn't possible. Netbios filters only seem to be
> > > allowed on token ring interfaces, other than on the dlsw remote-peer
> > > command. But that command only keeps connections from being formed by
> > > blocking the name query it seems and the entries still make it into the
> > > reachability table. Is there a way to filter netbios so I
> > > don't even get the netbios names in the reachability info? The only way
> I
> > > can think to do it would be a real kluge:
> > >
> > > - on the remote-peer use "netbios-exclusive" and not have any
> > > "icanreach" netbios commands. I would think this *should* prevent it
> from
> > > forwarding any netbios. Again, this would be a complete kluge and this
> > > wouldn't work if you wanted to just filter out one name.
> > >
> > > Is there a way to do it?
> > >
> > > Brian
> > >
> > >

• Next message: Jay Hennigan: "Re: How much time u get to pass the lab before your written examexpires"
• Previous message: Mike S. Lee: "RE: Non-transient AS's in BGP"
• Maybe in reply to: Brian Hescock: "netbios filters"
• Next in thread: Dave Martin: "Re: netbios filters"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:33 GMT-3